oss-sec mailing list archives
CVE request: XXE in Openpyxl
From: Sébastien Delafond <seb () debian org>
Date: Tue, 7 Feb 2017 09:57:39 +0000 (UTC)
Hello, the Debian Security Team would like to request a CVE for an XML XEE discovered in Openpyxl by Marcin Ulikowski from F-Secure; Openpyxl resolves external entities by default: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=854442 https://bitbucket.org/openpyxl/openpyxl/commits/3b4905f428e1 Cheers, --Seb
Current thread:
- CVE request: XXE in Openpyxl Sébastien Delafond (Feb 07)
- Re: CVE request: XXE in Openpyxl Doran Moppert (Feb 07)
- Re: CVE request: XXE in Openpyxl Sébastien Delafond (Feb 13)
- Re: Re: CVE request: XXE in Openpyxl Doran Moppert (Feb 13)
- Re: CVE request: XXE in Openpyxl Sébastien Delafond (Feb 14)
- Re: CVE request: XXE in Openpyxl Sébastien Delafond (Feb 15)
- Re: CVE request: XXE in Openpyxl Sébastien Delafond (Feb 13)
- Re: CVE request: XXE in Openpyxl Doran Moppert (Feb 07)